http://bugzilla.suse.com/show_bug.cgi?id=1083723 http://bugzilla.suse.com/show_bug.cgi?id=1083723#c2 Jiri Slaby <jslaby@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de Flags|needinfo?(jslaby@suse.com) |needinfo?(security-team@sus | |e.de) --- Comment #2 from Jiri Slaby <jslaby@suse.com> --- (In reply to Michael Schröder from comment #1)
It's possible, of course, but we aren't allowed to do this. Please talk with the security team.
NEEDINFO-ed now.
Why do you even need that? Can't you just add that Kernel: key to your list of allowed UEFI keys on your test machine?
It's mainly convenience. It might be rather easy for *me* to upload the key to the FW (BTW could somebody write down how -- I have no idea?). But it's rather hard for users if I ask them to test KOTD on a secure-boot enabled machine. Well, it's always like, disable secure boot, check, reinstall/remove the kernel, enable secure boot, etc. It's possible, but inconvenient. In the end, KOTDs are officially provided kernels. So I would love to see them signed by SUSE keys too. -- You are receiving this mail because: You are on the CC list for the bug.